From 9ea55f88ee53c12a4f6054b0baab407fe5bb2ecf Mon Sep 17 00:00:00 2001 From: Aditya Thebe Date: Wed, 2 Oct 2024 17:02:20 +0545 Subject: [PATCH] docs: custom kubeconfigs on checks & topology lookup --- .../docs/reference/1-kubernetes-resource.mdx | 121 ++++++++++++++++ .../docs/reference/1-kubernetes.mdx | 90 ++++++++++++ .../docs/topology/lookups/kubernetes.md | 136 ++++++++++++++++-- styles/ignore/words-with-suggestions.txt | 1 + 4 files changed, 340 insertions(+), 8 deletions(-) diff --git a/canary-checker/docs/reference/1-kubernetes-resource.mdx b/canary-checker/docs/reference/1-kubernetes-resource.mdx index a8c6e172..62003ee8 100644 --- a/canary-checker/docs/reference/1-kubernetes-resource.mdx +++ b/canary-checker/docs/reference/1-kubernetes-resource.mdx @@ -116,6 +116,127 @@ check would be to see if a service is accessible via the ingress as shown in the ]} /> +### Remote clusters + +A single canary-checker instance can connect to any number of remote clusters via custom kubeconfig. +Either the kubeconfig itself or the path to the kubeconfig can be provided. + +#### kubeconfig from kubernetes secret + +```yaml title="remote-cluster.yaml" {11-15} +apiVersion: canaries.flanksource.com/v1 +kind: Canary +metadata: + name: pod-creation-test +spec: + schedule: "@every 5m" + kubernetesResource: + - name: pod creation on aws cluster + namespace: default + description: "deploy httpbin" + kubeconfig: + valueFrom: + secretKeyRef: + name: aws-kubeconfig + key: kubeconfig + resources: + - apiVersion: v1 + kind: Pod + metadata: + name: httpbin + namespace: default + labels: + app: httpbin + spec: + containers: + - name: httpbin + image: "kennethreitz/httpbin:latest" + ports: + - containerPort: 80 +``` + +#### Kubeconfig inline + +```yaml title="remote-cluster.yaml" {11-32} +apiVersion: canaries.flanksource.com/v1 +kind: Canary +metadata: + name: pod-creation-test +spec: + schedule: "@every 5m" + kubernetesResource: + - name: pod creation on aws cluster + namespace: default + description: "deploy httpbin" + kubeconfig: + value: | + apiVersion: v1 + clusters: + - cluster: + certificate-authority-data: xxxxx + server: https://xxxxx.sk1.eu-west-1.eks.amazonaws.com + name: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + contexts: + - context: + cluster: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + namespace: mission-control + user: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + name: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + current-context: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + kind: Config + preferences: {} + users: + - name: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + user: + exec: + .... + resources: + - apiVersion: v1 + kind: Pod + metadata: + name: httpbin + namespace: default + labels: + app: httpbin + spec: + containers: + - name: httpbin + image: "kennethreitz/httpbin:latest" + ports: + - containerPort: 80 +``` + +#### Kubeconfig from local filesystem + +```yaml title="remote-cluster.yaml" {11-12} +apiVersion: canaries.flanksource.com/v1 +kind: Canary +metadata: + name: pod-creation-test +spec: + schedule: "@every 5m" + kubernetesResource: + - name: pod creation on aws cluster + namespace: default + description: "deploy httpbin" + kubeconfig: + value: /root/.kube/aws-kubeconfig + resources: + - apiVersion: v1 + kind: Pod + metadata: + name: httpbin + namespace: default + labels: + app: httpbin + spec: + containers: + - name: httpbin + image: "kennethreitz/httpbin:latest" + ports: + - containerPort: 80 +``` + ### Templating The `resources` and `staticResources` fields can be templated using Go Templates. diff --git a/canary-checker/docs/reference/1-kubernetes.mdx b/canary-checker/docs/reference/1-kubernetes.mdx index fefcffce..4cad3b46 100644 --- a/canary-checker/docs/reference/1-kubernetes.mdx +++ b/canary-checker/docs/reference/1-kubernetes.mdx @@ -70,3 +70,93 @@ dyn(results).all(x, k8s.isReady(x)) ``` + + +### Remote clusters + +A single canary-checker instance can connect to any number of remote clusters via custom kubeconfig. +Either the kubeconfig itself or the path to the kubeconfig can be provided. + +#### kubeconfig from kubernetes secret + +```yaml title="remote-cluster.yaml" {11-15} +apiVersion: canaries.flanksource.com/v1 +kind: Canary +metadata: + name: pod-creation-test +spec: + schedule: "@every 5m" + kubernetes: + - name: pod creation on aws cluster + namespace: default + description: "deploy httpbin" + kubeconfig: + valueFrom: + secretKeyRef: + name: aws-kubeconfig + key: kubeconfig + kind: Pod + ready: true + namespaceSelector: + name: default +``` + +#### Kubeconfig inline + +```yaml title="remote-cluster.yaml" {10-31} +apiVersion: canaries.flanksource.com/v1 +kind: Canary +metadata: + name: pod-creation-test +spec: + schedule: "@every 5m" + kubernetes: + - name: pod creation on aws cluster + namespace: default + kubeconfig: + value: | + apiVersion: v1 + clusters: + - cluster: + certificate-authority-data: xxxxx + server: https://xxxxx.sk1.eu-west-1.eks.amazonaws.com + name: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + contexts: + - context: + cluster: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + namespace: mission-control + user: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + name: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + current-context: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + kind: Config + preferences: {} + users: + - name: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + user: + exec: + .... + kind: Pod + ready: true + namespaceSelector: + name: default +``` + +#### Kubeconfig from local filesystem + +```yaml title="remote-cluster.yaml" {10-11} +apiVersion: canaries.flanksource.com/v1 +kind: Canary +metadata: + name: pod-creation-test +spec: + schedule: "@every 5m" + kubernetes: + - name: pod creation on aws cluster + namespace: default + kubeconfig: + value: /root/.kube/aws-kubeconfig + kind: Pod + ready: true + namespaceSelector: + name: default +``` \ No newline at end of file diff --git a/mission-control/docs/topology/lookups/kubernetes.md b/mission-control/docs/topology/lookups/kubernetes.md index b50694c9..84e0fcfa 100644 --- a/mission-control/docs/topology/lookups/kubernetes.md +++ b/mission-control/docs/topology/lookups/kubernetes.md @@ -6,7 +6,7 @@ title: Kubernetes The Kubernetes component lookup fetches kubernetes resources to be used as components. -```yaml title="kube-check.yml" +```yaml title="kube-configmap-components.yml" --- apiVersion: canaries.flanksource.com/v1 kind: Topology @@ -15,7 +15,7 @@ metadata: spec: type: Config icon: kubernetes - schedule: '@every 30s' + schedule: '@every 5m' components: - name: configs icon: server @@ -24,12 +24,13 @@ spec: lookup: kubernetes: - kind: ConfigMap - display: - expr: | - dyn(results).map(c, { - 'name': c.name, - 'type': 'ConfigMap', - }).toJSON() + display: + expr: | + dyn(results).map(c, { + 'name': c.Object.metadata.name, + 'type': 'ConfigMap', + }).toJSON() + // highlight-end ``` @@ -55,3 +56,122 @@ spec: ## Results The `results` variable in the template is itself a list of all the kubernetes resources. + +## Remote clusters + +A single canary-checker instance can connect to any number of remote clusters via custom kubeconfig. +Either the kubeconfig itself or the path to the kubeconfig can be provided. + +### From kubernetes secret + +```yaml title="remote-cluster.yaml" +--- +apiVersion: canaries.flanksource.com/v1 +kind: Topology +metadata: + name: kubernetes-configs +spec: + type: Config + icon: kubernetes + schedule: '@every 5m' + components: + - name: configs + icon: server + type: ConfigMap + lookup: + kubernetes: + - kind: ConfigMap + display: + expr: | + dyn(results).map(c, { + 'name': c.Object.metadata.name, + 'type': 'ConfigMap', + }).toJSON() + // highlight-start + kubeconfig: + valueFrom: + secretKeyRef: + name: aws-kubeconfig + key: kubeconfig + // highlight-end +``` + +### Kubeconfig inline + +```yaml title="remote-cluster.yaml" +apiVersion: canaries.flanksource.com/v1 +kind: Topology +metadata: + name: kubernetes-configs +spec: + type: Config + icon: kubernetes + schedule: '@every 5m' + components: + - name: configs + icon: server + type: ConfigMap + lookup: + kubernetes: + - kind: ConfigMap + display: + expr: | + dyn(results).map(c, { + 'name': c.Object.metadata.name, + 'type': 'ConfigMap', + }).toJSON() + // highlight-start + kubeconfig: + value: | + apiVersion: v1 + clusters: + - cluster: + certificate-authority-data: xxxxx + server: https://xxxxx.sk1.eu-west-1.eks.amazonaws.com + name: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + contexts: + - context: + cluster: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + namespace: mission-control + user: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + name: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + current-context: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + kind: Config + preferences: {} + users: + - name: arn:aws:eks:eu-west-1:765618022540:cluster/aws-cluster + user: + exec: + .... + // highlight-end +``` + +### From local filesystem + +```yaml title="remote-cluster.yaml" +apiVersion: canaries.flanksource.com/v1 +kind: Topology +metadata: + name: kubernetes-configs +spec: + type: Config + icon: kubernetes + schedule: '@every 5m' + components: + - name: configs + icon: server + type: ConfigMap + lookup: + kubernetes: + - kind: ConfigMap + display: + expr: | + dyn(results).map(c, { + 'name': c.name, + 'type': 'ConfigMap', + }).toJSON() + // highlight-start + kubeconfig: + value: /root/.kube/aws-kubeconfig + // highlight-end +``` diff --git a/styles/ignore/words-with-suggestions.txt b/styles/ignore/words-with-suggestions.txt index 8bc50e58..811f1630 100644 --- a/styles/ignore/words-with-suggestions.txt +++ b/styles/ignore/words-with-suggestions.txt @@ -192,6 +192,7 @@ keypairs knowledgebase knowledgebases Kratos +kubeconfig kubectl Kuberhealthy kubernetes